Описание
Multiple SQL injection vulnerabilities in index.php in phsBlog 0.2 allow remote attackers to execute arbitrary SQL commands via (1) the sid parameter in a pickup action or (2) the sql_cid parameter, different vectors than CVE-2008-3588.
Multiple SQL injection vulnerabilities in index.php in phsBlog 0.2 allow remote attackers to execute arbitrary SQL commands via (1) the sid parameter in a pickup action or (2) the sql_cid parameter, different vectors than CVE-2008-3588.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-4072
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45053
- https://www.exploit-db.com/exploits/6431
- http://secunia.com/advisories/31815
- http://securityreason.com/securityalert/4246
- http://www.securityfocus.com/archive/1/496233/100/0/threaded
- http://www.securityfocus.com/bid/31172
Связанные уязвимости
nvd
больше 17 лет назад
Multiple SQL injection vulnerabilities in index.php in phsBlog 0.2 allow remote attackers to execute arbitrary SQL commands via (1) the sid parameter in a pickup action or (2) the sql_cid parameter, different vectors than CVE-2008-3588.